Apple told Reuters that it’s cleaning up its Apple App Store to remove malicious iPhone and iPad programs identified in the first large-scale attack on the online store.
The company disclosed the effort after several cyber security firms reported finding a malicious program dubbed XcodeGhost that was embedded in hundreds of legitimate apps. Reuters notes that this is the first reported case of large numbers of malicious software programs making their way past Apple’s “stringent” app review process.
Before this, a total of just five malicious apps had ever been found in the App Store, according to cyber security firm Palo Alto Networks (paloaltonetworks.com). On Wednesday, Chinese iOS developers disclosed a new OS X and iOS malware on Sina Weibo. Alibaba researchers then posted an analysis report on the malware, giving it the name XcodeGhost. (Alibaba is China’s biggest online commerce company.)
Palo Alto Networks says XcodeGhost is the first compiler malware in OS X. Its malicious code is located in a Mach-O object file that was repackaged into some versions of Xcode installers. Xcode is Apple’s integrated development environment (IDE) tool. Palo Alto Networks has posted a list of some of the apps that have been affected — including the popular Angry Birds 2.
These malicious installers were then uploaded to Baidu’s cloud file sharing service for used by Chinese iOS/OS X developers. Baidu is a Chinese web services company headquartered in Beijing.